4:10 p.m.
Logging out seems unnecessarily complicated. I need to have a management
url located in my application?
I use KeycloakUriBuilder to build the logout url and end up in the
logoutApplication method of ResourceAdminManager. That is where I am at a
loss. The application is expecting I have something in my app with a path
that contains "k_logout". What should happen at that location? What code
goes in the REST service at that location on my end?
Also, if I do not fill out the "Admin" url inside keycloak, the
managementUrl parameter comes back as an empty string instead of null.
That causes an error because the if statement in the logoutApplication
method only checks for null.
Thanks,
Dean
4:16 p.m.
On 3/24/2014 5:10 PM, Dean Peterson wrote:
Logging out seems unnecessarily complicated. I need to have a
management url located in my application?
How else would we do it? We have to:
1. Reset the realm's login cookie at the keycloak server's domain
2. Invalidate each login session of each logged in application
#1 requires a redirect to the keycloak server. For #2 we invoke
k_logout on each managementUrl which invalidates the HttpSession.
I use KeycloakUriBuilder to build the logout url and end up in the
logoutApplication method of ResourceAdminManager. That is where I am at
a loss. The application is expecting I have something in my app with a
path that contains "k_logout". What should happen at that location?
What code goes in the REST service at that location on my end?
Also, if I do not fill out the "Admin" url inside keycloak, the
managementUrl parameter comes back as an empty string instead of null.
That causes an error because the if statement in the logoutApplication
method only checks for null.
Keycloak server should check for empty string for managementUrl. That
is a bug.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
3943
days inactive
3943
days old
1 comments
2 participants
participants (2)
-
Bill Burke -
Dean Peterson